advice on BGP + CARP setup on FreeBSD

Thu Nov 7 16:26:30 UTC 2013

First, my warm thanks to everyone to responded on and off list, an
amazing response that truly speaks for the opennness and incredible
skill of this community.

We are likely to change the setup to make sure the switch fabric sits
behind the edge routers, and thanks to my new understanding of iBGP,
will simply associate different upstream with the different edge routers
and run BGP between them.

The downside of this setup is that if a router falls over, we loose an
uplink, but that's a minor problem considering how it makes the whole
setup much simpler, and completely removes the single point of failure
of the switch. And anyways since the uplinks are directly in the router,
the downtime should be negligible in such a (rare) occurence.

We will keep on experimenting with OpenBGPd, but at the first sign of
trouble we will switch to what seems to be the more widely accepted
alternative in the *BSD world, Bird, which also allows for a clean
transition to GNU/Linux if we ever make the jump.

CARP will come later, but will still be in the picture. Both routers
will be in production at all time, and we'll use CARP to elect the
gateway for the internal network. We prefer CARP to VRRP because it
seems well supported in *BSD world and because VRRP is
patent-encumbered. I am worried, however, of rumours of kernel panics
associated with CARP, but I am confident that the very responsive
FreeBSD community will be able to help with that.

Thanks again for all your feedback, you guys rock.

Cheers,

A.

-- 
A ballot is like a bullet. You don't throw your ballots until you see
a target, and if that target is not within your reach, keep your
ballot in your pocket.
                         - Malcom X
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20131107/3357f81a/attachment.sig>